Файл: gazeta.php
Строк: 70
<?php
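// Bootstrap. sys.php presumably sets up the DB wrapper and the current user
// record in $us, and funcs.php the helpers used below (H, F, datef, bb, uNick,
// pages) — confirm against those files.
// `require` instead of `include`: if either file cannot be loaded the request
// stops with a fatal error instead of continuing half-initialised.
require $_SERVER['DOCUMENT_ROOT'] . '/system/sys.php';
require $_SERVER['DOCUMENT_ROOT'] . '/system/funcs.php';

// Access control for the whole module: without a user record the visitor is
// sent to the front page. The exit matters — header() alone does not stop
// the script, and everything below assumes $us exists.
if (!isset($us)) {
    header('location: /');
    exit;
}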
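// Dispatch on ?mod=. A missing parameter is treated as an unknown module
// rather than read as an undefined array key.
switch (isset($_GET['mod']) ? $_GET['mod'] : '') {
default:
    // Unknown or missing module: go to the index and stop here, as every
    // other redirect in this script does, so no page footer is emitted
    // behind the redirect.
    header('location: /gazeta.php?mod=index');
    exit;
// The label is a quoted string: a bare word is an undefined constant, which
// is a fatal error on PHP 8 and an implicit-string warning before that.
case 'index':
    H('Газета', 'Газета');

    // Five most recent publications, newest first.
    $n_c = DB::$dbs->querySingle("SELECT COUNT(*) FROM `gazeta`");
    echo '<div class="menu2">Последние:</div>';
    if ($n_c != 0) {
        $query = DB::$dbs->query("SELECT * FROM `gazeta` ORDER BY `id` DESC LIMIT 5");
        while ($pub = $query->fetch()) {
            // `name` is echoed verbatim: the add form in mod=r HTML-encodes
            // titles before they are stored. Any other writer of this column
            // must do the same, or encoding has to move to output.
            echo '<div class="list1"><img src="" alt=""/> <a href="/gazeta.php?mod=read&id=' . $pub['id'] . '">' . $pub['name'] . '</a> (' . datef($pub['t']) . ')</div>';
        }
    }

    // Sections, each with its publication count.
    echo '<div class="menu2">Разделы:</div>';
    $r_c = DB::$dbs->querySingle("SELECT COUNT(*) FROM `gazeta_r`");
    if ($r_c != 0) {
        $query = DB::$dbs->query("SELECT * FROM `gazeta_r` ORDER BY `id`");
        while ($r = $query->fetch()) {
            // The section id is bound as a parameter, like the user-supplied
            // values elsewhere in this file, instead of being spliced into SQL.
            $r_pubs = DB::$dbs->querySingle("SELECT COUNT(*) FROM `gazeta` WHERE (`id_r`=?)", array($r['id']));
            // NOTE(review): where section names are written is not visible
            // here; confirm they are HTML-encoded before storage.
            echo '<div class="list1"><img src="" alt=""/> <a href="/gazeta.php?mod=r&id=' . $r['id'] . '">' . $r['name'] . '</a> (' . $r_pubs . ')</div>';
        }
    }
    break;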
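// Section view (?mod=r&id=N): lists the section's publications, or with
// &add shows and processes the "new publication" form.
// The label is quoted: a bare word is an undefined constant (fatal on PHP 8).
case 'r':
    if (!isset($_GET['id'])) {
        header('location: /gazeta.php');
        exit;
    }
    // The id comes from the request: cast to int and bound as a parameter.
    $query = DB::$dbs->query("SELECT * FROM `gazeta_r` WHERE (`id`=?)", array((int) $_GET['id']));
    if ($query->rowCount() == 0) {
        header('location: /gazeta.php');
        exit;
    }
    $r = $query->fetch();
    H($r['name'], '<a href="/gazeta.php" style="color:white;">Газета</a> | ' . $r['name']);

    if (isset($_GET['add'])) {
        // Authorisation is enforced here on the server, not only by hiding
        // the "add" link: accounts with jur == 0 may not publish.
        if ($us['jur'] == 0) {
            header('location: /gazeta.php?mod=r&id=' . $r['id']);
            exit;
        }
        // NOTE(review): this form carries no anti-CSRF token. No token helper
        // is visible in this file; add one if the session layer provides it.
        echo '<form action="/gazeta.php?mod=r&id=' . $r['id'] . '&add&ok" method="post">';
        echo '<div class="list1">';
        echo 'Заголовок:<br/><input name="name"/><br/>';
        echo 'Текст:<br/>';
        echo '<textarea name="text" rows="3" style="width:100%;"></textarea><br/>';
        echo '</div>';
        echo '<div class="lst">';
        echo '<input type="submit" value="Добавить"/>';
        echo '</div>';
        echo '</form>';

        if (isset($_GET['ok'])) {
            // Missing or non-string fields (e.g. name[]=x) are treated as empty
            // instead of reaching trim() as null or an array.
            $raw_name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
            $raw_text = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';

            // The title is HTML-encoded at write time because the listings echo
            // it verbatim. addslashes() is dropped for it: the value is bound
            // as a parameter, so the extra backslashes were not protecting the
            // query, only ending up in the stored title.
            $_POST['name'] = htmlspecialchars(trim($raw_name));
            // NOTE(review): addslashes() is kept for the body because how bb()
            // treats backslashes is not visible here; with a bound parameter it
            // is not needed for SQL safety.
            $_POST['text'] = htmlspecialchars(addslashes(trim($raw_text)));

            // Compared with '' rather than empty(), so a literal "0" is accepted.
            if ($_POST['name'] === '') {
                echo '<div class="list1"><b>Вы не ввели заголовок..</b></div>';
            } elseif ($_POST['text'] === '') {
                echo '<div class="list1"><b>Вы не ввели текст..</b></div>';
            } else {
                // Every value is bound, including the ones that come from the
                // database or the session.
                DB::$dbs->query(
                    "INSERT INTO `gazeta` (`id_r`,`name`,`text`,`us`,`t`) VALUES (?, ?, ?, ?, ?)",
                    array($r['id'], $_POST['name'], $_POST['text'], $us['id'], time())
                );
                $id = DB::$dbs->lastInsertId();
                header('location: /gazeta.php?mod=read&id=' . $id);
                // Stop after the redirect so no page footer follows it.
                exit;
            }
        }
    } else {
        if ($us['jur'] == 1) {
            echo '<div class="menu2"><img src="" alt="" align="middle"/> <a href="/gazeta.php?mod=r&id=' . $r['id'] . '&add" style="color:white;">Добавить</a></div>';
        }

        // Pagination. The variable names are kept as they were; pages()
        // receives only a URL, so it presumably reads them from global
        // scope — confirm in funcs.php.
        $items = DB::$dbs->querySingle("SELECT COUNT(*) FROM `gazeta` WHERE (`id_r`=?)", array($r['id']));
        $items_per_page = 10;
        $pages = (int) ceil($items / $items_per_page);
        $page = isset($_GET['page']) ? (int) $_GET['page'] : 1;
        // Clamp to [1, $pages]; the lower bound goes last so an empty section
        // cannot leave $page at 0 and $start negative.
        if ($page > $pages) {
            $page = $pages;
        }
        if ($page < 1) {
            $page = 1;
        }
        $start = (int) ($page * $items_per_page - $items_per_page);

        if ($items == 0) {
            echo '<div class="list1">Публикаций нет..</div>';
        } else {
            // Fix: rows are selected by section (`id_r`), the same key the
            // count above uses. The previous filter was the viewer's own user
            // id, so the list did not match the section or its page count.
            // $start and $items_per_page are integers computed above, which is
            // why they may be interpolated into LIMIT.
            $query = DB::$dbs->query(
                "SELECT * FROM `gazeta` WHERE (`id_r`=?) ORDER BY `id` DESC LIMIT $start, $items_per_page",
                array($r['id'])
            );
            while ($pub = $query->fetch()) {
                echo '<div class="list1"><img src="" alt=""/> <a href="/gazeta.php?mod=read&id=' . $pub['id'] . '">' . $pub['name'] . '</a> (' . datef($pub['t']) . ')</div>';
            }
            echo '<div class="lst">' . pages('/gazeta/' . $r['id']) . '</div>';
        }
    }
    break;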
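/*
---
Publication
---
*/
// Single publication view (?mod=read&id=N).
// The label is quoted: a bare word is an undefined constant (fatal on PHP 8).
case 'read':
    if (!isset($_GET['id'])) {
        header('location: /gazeta.php');
        exit;
    }
    // The id comes from the request: cast to int and bound as a parameter.
    $query = DB::$dbs->query("SELECT * FROM `gazeta` WHERE (`id`=?)", array((int) $_GET['id']));
    if ($query->rowCount() == 0) {
        header('location: /gazeta.php');
        exit;
    }
    $pub = $query->fetch();

    // queryFetch() is only ever called with a single argument in this file,
    // so the value is forced to an integer before it is placed in the SQL
    // rather than bound.
    // NOTE(review): $r is not checked; if the section row is gone, the
    // breadcrumb below is built from an empty result.
    $r = DB::$dbs->queryFetch("SELECT * FROM `gazeta_r` WHERE (`id`='" . (int) $pub['id_r'] . "')");
    H($pub['name'], '<a href="/gazeta.php" style="color:white;">Газета</a> | <a href="/gazeta.php?mod=r&id=' . $r['id'] . '" style="color:white;">' . $r['name'] . '</a> | ' . $pub['name']);

    // The body was HTML-encoded when it was stored and is rendered through bb().
    echo '<div class="list1">' . bb($pub['text']) . '</div>';
    echo '<div class="list1"><span style="color:grey;">Добавил: ' . uNick($pub['us']) . ' (' . datef($pub['t']) . ')</span></div>';

    $komm_count = DB::$dbs->querySingle("SELECT COUNT(*) FROM `gazeta_komm` WHERE (`id_pub`=?)", array($pub['id']));
    echo '<div class="list1"><a href="/gazeta.php?mod=komm&id=' . $pub['id'] . '">Комментарии</a>: (' . $komm_count . ')</div>';
    break;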
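/*
---
Comments
---
*/
// Comment thread of a publication (?mod=komm&id=N[&komu=USER][&add]).
// The label is quoted: a bare word is an undefined constant (fatal on PHP 8).
case 'komm':
    if (!isset($_GET['id'])) {
        header('location: /gazeta.php');
        exit;
    }
    // The id comes from the request: cast to int and bound as a parameter.
    $query = DB::$dbs->query("SELECT * FROM `gazeta` WHERE (`id`=?)", array((int) $_GET['id']));
    if ($query->rowCount() == 0) {
        header('location: /gazeta.php');
        exit;
    }
    $pub = $query->fetch();
    // queryFetch() is only ever called with a single argument in this file,
    // so the value is forced to an integer rather than bound.
    $r = DB::$dbs->queryFetch("SELECT * FROM `gazeta_r` WHERE (`id`='" . (int) $pub['id_r'] . "')");
    $items = DB::$dbs->querySingle("SELECT COUNT(*) FROM `gazeta_komm` WHERE (`id_pub`=?)", array($pub['id']));
    H($pub['name'], 'Комментарии к публикации (' . $items . ')');

    // Pagination. The variable names are kept as they were; pages() receives
    // only a URL, so it presumably reads them from global scope — confirm.
    $items_per_page = 10;
    $pages = (int) ceil($items / $items_per_page);
    $page = isset($_GET['page']) ? (int) $_GET['page'] : 1;
    // Clamp to [1, $pages]; the lower bound goes last so $start is never negative.
    if ($page > $pages) {
        $page = $pages;
    }
    if ($page < 1) {
        $page = 1;
    }
    $start = (int) ($page * $items_per_page - $items_per_page);

    // Reply target: normalised to an integer once, and only this normalised
    // value is used from here on.
    $_GET['komu'] = isset($_GET['komu']) ? (int) $_GET['komu'] : 0;
    if ($_GET['komu'] != 0) {
        // Replying to yourself is not allowed.
        if ($_GET['komu'] == $us['id']) {
            header('location: /');
            exit;
        }
        // The addressed user must exist.
        $query = DB::$dbs->query("SELECT * FROM `us` WHERE (`id`=?)", array($_GET['komu']));
        if ($query->rowCount() == 0) {
            header('location: /');
            exit;
        }
    }

    echo '<div class="list1">';
    // Fix: the form action carries the integer reply target in `komu`.
    // It used to echo the raw `id` request parameter there, which put
    // unescaped request data into the markup and dropped the real reply target.
    // NOTE(review): this form carries no anti-CSRF token. No token helper is
    // visible in this file; add one if the session layer provides it.
    echo '<form action="/gazeta.php?mod=komm&id=' . $pub['id'] . '&komu=' . $_GET['komu'] . '&add" method="post">';
    echo 'Комментарии' . ($_GET['komu'] != 0 ? ' для ' . uNick($_GET['komu']) : '') . ':<br/>';
    echo '<textarea name="kom"></textarea><br/>';
    echo '<input type="submit" value="Добавить"/>';
    echo '</form>';
    echo '</div>';

    if (isset($_GET['add'])) {
        // A missing or non-string field is treated as empty instead of
        // reaching trim() as null or an array.
        $raw_kom = (isset($_POST['kom']) && is_string($_POST['kom'])) ? $_POST['kom'] : '';
        // HTML-encoded at write time; the text is later rendered through bb().
        // NOTE(review): addslashes() is kept because how bb() treats
        // backslashes is not visible here; with a bound parameter it is not
        // needed for SQL safety.
        $_POST['kom'] = htmlspecialchars(addslashes(trim($raw_kom)));

        // Compared with '' rather than empty(), so a literal "0" is accepted.
        if ($_POST['kom'] === '') {
            echo '<div class="list1"><b style="color:red;">Вы не ввели текст комментария..</b></div>';
        } else {
            // Reject an exact repeat of a comment this user already posted.
            $dup = DB::$dbs->querySingle(
                "SELECT COUNT(*) FROM `gazeta_komm` WHERE (`us`=?) AND (`text`=?)",
                array($us['id'], $_POST['kom'])
            );
            if ($dup != 0) {
                echo '<div class="list1"><b style="color:red;">Вы уже писали это.</b></div>';
            } else {
                // Every value is bound, including ids that come from the
                // database or the session.
                DB::$dbs->query(
                    "INSERT INTO `gazeta_komm` (`id_r`,`id_pub`,`us`,`komu`, `text`,`t`) VALUES (?, ?, ?, ?, ?, ?)",
                    array($r['id'], $pub['id'], $us['id'], $_GET['komu'], $_POST['kom'], time())
                );
                // Notify the addressed user, if there is one.
                if ($_GET['komu'] != 0) {
                    DB::$dbs->query(
                        "INSERT INTO `action` (`value`,`t`,`us`) VALUES (?, ?, ?)",
                        array(
                            'us{' . $us['id'] . '} ответил вам в [url=/gazeta.php?mod=komm&id=' . $pub['id'] . ']комментариях[/url] к публицации!',
                            time(),
                            $_GET['komu'],
                        )
                    );
                }
                // Notify the author, unless the author is the commenter.
                if ($pub['us'] != $us['id']) {
                    DB::$dbs->query(
                        "INSERT INTO `action` (`value`,`t`,`us`) VALUES (?, ?, ?)",
                        array(
                            'us{' . $us['id'] . '} ответил в [url=/gazeta.php?mod=komm&id=' . $pub['id'] . ']комментариях[/url] к вашей публицации!',
                            time(),
                            $pub['us'],
                        )
                    );
                }
                header('location: /gazeta.php?mod=komm&id=' . $pub['id']);
                // Stop after the redirect so the list and footer do not follow it.
                exit;
            }
        }
    }

    if ($items == 0) {
        echo '<div class="list1">Комментариев пока нет..</div>';
    } else {
        // $start and $items_per_page are integers computed above, which is why
        // they may be interpolated into LIMIT.
        $query = DB::$dbs->query(
            "SELECT * FROM `gazeta_komm` WHERE (`id_pub`=?) ORDER BY `id` DESC LIMIT $start, $items_per_page",
            array($pub['id'])
        );
        while ($komm = $query->fetch()) {
            // The per-row lookup in `us` was removed: it was keyed on the
            // comment id instead of the author id, and its result was never
            // read in this script.
            echo '<div class="list1">';
            echo uNick($komm['us']) . ' (' . datef($komm['t']) . ')';
            if ($komm['us'] != $us['id']) {
                // Fix: the reply link points at this publication ($pub);
                // it used an undefined variable and produced an empty id.
                echo '[<a href="/gazeta.php?mod=komm&id=' . $pub['id'] . '&komu=' . (int) $komm['us'] . '">отв</a>]';
            }
            echo '<br/>';
            echo bb($komm['text']);
            echo '</div>';
        }
        echo '<div class="list1">' . pages('/gazeta/komm/' . $pub['id']) . '</div>';
    }
    break;
}
// Page footer for every module that rendered normally.
F();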